fix CVE-2017-9287 vulnerability in servers/slapd/back-mdb/search.c
Resolves: #1456713
This commit is contained in:
Matúš Honěk
parent
32c688fc27
commit
2ee572d2cb
|
|
@ -0,0 +1,23 @@
|
|||
commit ec2fe743f5795eb7aaf43687e6b257ac071cef22
|
||||
Author: Ryan Tandy <ryan@nardis.ca>
|
||||
Date: Wed May 17 20:07:39 2017 -0700
|
||||
|
||||
ITS#8655 fix double free on paged search with pagesize 0
|
||||
|
||||
Fixes a double free when a search includes the Paged Results control
|
||||
with a page size of 0 and the search base matches the filter.
|
||||
|
||||
diff --git a/servers/slapd/back-mdb/search.c b/servers/slapd/back-mdb/search.c
|
||||
index 009939d..d0db918 100644
|
||||
--- a/servers/slapd/back-mdb/search.c
|
||||
+++ b/servers/slapd/back-mdb/search.c
|
||||
@@ -1066,7 +1066,8 @@ notfound:
|
||||
/* check size limit */
|
||||
if ( get_pagedresults(op) > SLAP_CONTROL_IGNORED ) {
|
||||
if ( rs->sr_nentries >= ((PagedResultsState *)op->o_pagedresults_state)->ps_size ) {
|
||||
- mdb_entry_return( op, e );
|
||||
+ if (e != base)
|
||||
+ mdb_entry_return( op, e );
|
||||
e = NULL;
|
||||
send_paged_response( op, rs, &lastid, tentries );
|
||||
goto done;
|
||||
|
|
@ -5,7 +5,7 @@
|
|||
|
||||
Name: openldap
|
||||
Version: 2.4.44
|
||||
Release: 10%{?dist}
|
||||
Release: 11%{?dist}
|
||||
Summary: LDAP support libraries
|
||||
Group: System Environment/Daemons
|
||||
License: OpenLDAP
|
||||
|
|
@ -45,6 +45,8 @@ Patch19: openldap-switch-to-lt_dlopenadvise-to-get-RTLD_GLOBAL-set.patch
|
|||
Patch20: openldap-ldapi-sasl.patch
|
||||
Patch22: openldap-nss-protocol-version-new-api.patch
|
||||
|
||||
Patch30: openldap-ITS8655-fix-double-free-on-paged-search-with-pagesize-0.patch
|
||||
|
||||
Patch50: openldap-nss-cipher-attributes.patch
|
||||
Patch51: openldap-nss-ciphers-parsing.patch
|
||||
Patch52: openldap-nss-ciphers-use-nss-defaults.patch
|
||||
|
|
@ -151,6 +153,7 @@ AUTOMAKE=%{_bindir}/true autoreconf -fi
|
|||
%patch19 -p1
|
||||
%patch20 -p1
|
||||
%patch22 -p1
|
||||
%patch30 -p1
|
||||
|
||||
%patch50 -p1
|
||||
%patch51 -p1
|
||||
|
|
@ -548,6 +551,9 @@ exit 0
|
|||
%{_mandir}/man3/*
|
||||
|
||||
%changelog
|
||||
* Tue Jul 4 2017 Matus Honek <mhonek@redhat.com> - 2.4.44-11
|
||||
- fix CVE-2017-9287 openldap: Double free vulnerability in servers/slapd/back-mdb/search.c (#1456713)
|
||||
|
||||
* Fri Mar 31 2017 Matus Honek <mhonek@redhat.com> - 2.4.44-10
|
||||
- NSS: Maximal TLS protocol version should be equal to NSS default (#1435689)
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue